https://issues.apache.org/bugzilla/show_bug.cgi?id=50744
Summary: When Tomcat was updated from version 5.5.27 to 5.5.32, SSL support for Tomcat does not work. Product: Tomcat 5 Version: 5.5.32 Platform: Other OS/Version: AIX Status: NEW Severity: major Priority: P2 Component: Servlet & JSP API AssignedTo: dev@tomcat.apache.org ReportedBy: murt...@us.ibm.com _1_) In response to CVE-2011-0013 ( and also to resolve other security issues) we decided to update Tomcat from Verion 5.5.27 to 5.5.32 _2_) The process to enable SSL for Tomcat documented at URL http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html was followed for setting up the SSL at Version 5.5.27. _2_a_) The following command was used to generate the Certificate Keystore $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA \ -keystore /home/tomcat/.keystore (However we used our customized password rather than the deafult one changeit) _2_b_) The following entry was added to server.xml : <!-- Define a SSL HTTP/1.1 Connector on port 8443 --> <Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" SSLEnabled="true" clientAuth="false" sslProtocol="SSL" keystoreFile="/home/tomcat/.keystore" keystorePass="<Known Password>" algorithm="IbmX509" /> _2_c_) This process has worked correctly for serving Tomcat without SSL on port 8080 and with SSL on port 8443 _3_) Similar process was used to setup SSL for Tomcat 5.5.32. However Tomcat starts with some errors serving Tomcat on non-SSL port 8080 correctly and the SSL port on 8443 does not work. (Catalina logs have some errors and I have attached the log to this BUG report). _4_) What changed between version 5.5.27 and 5.5.32 that resulted in this failure? Thank you for your help and support in this matter. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org